Heim  >  Artikel  >  php教程  >  Apache-2.4+Tomcat-7+SSL +VirtualHost+自签发证书安装测试

Apache-2.4+Tomcat-7+SSL +VirtualHost+自签发证书安装测试

WBOY
WBOYOriginal
2016-06-13 08:51:481511Durchsuche

Apache-2.4+Tomcat-7+SSL +VirtualHost+自签发证书安装测试


一、安装依懒软件包

1、安装apr软件包
# wget -c http://ftp.cuhk.edu.hk/pub/packages/apache.org//apr/apr-1.5.2.tar.bz2
#tar -jxvf apr-1.5.2.tar.bz2
#cd apr-1.5.2
# ./configure --prefix=/usr/
#make
# make install

2、安装apr-util软件包
# wget http://ftp.cuhk.edu.hk/pub/packages/apache.org//apr/apr-util-1.5.4.tar.bz2
#tar -jxvf apr-util-1.5.4.tar.bz2
#cd apr-util-1.5.4
#cd /usr/local/src/apr-util-1.5.4
#./configure --prefix=/usr/ --with-apr=/usr/
#make
#make install

3、安装pcre软件包
#wget -c http://sourceforge.net/projects/pcre/files/pcre/8.37/pcre-8.37.tar.bz2/download
# tar -jxvf pcre-8.37.tar.bz2
#cd pcre-8.37
# ./configure --prefix=/usr/local/
#make
#make install

二、安装Apache软件包

#wget -c http://apache.fayea.com//httpd/httpd-2.4.16.tar.bz2
#cd httpd-2.4.16
#./configure --prefix=/usr/local/apache-2.4 --enable-modules=all --enable-mods-shared=all --enable-ssl
#make
#make install

三、开启ssl支持
1、修改vi httpd.conf 开启
LoadModule ssl_module modules/mod_ssl.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
Include conf/extra/httpd-ssl.conf


四、生成自签发证书:
# cd /usr/local/apache-2.4/conf/
#openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout server.key -out server.crt
#根据实际情况填写国家、组织、地区、公司名生成自签发证书

五、启动Aapche软件测试。。
#/usr/local/apache-2.4/bin/apachectl start
https://访问, 注意防火墙开启443端口


六、Apache+Tomcat-7 联配


1、 安装JDK 略
# wget http://mirror.bit.edu.cn/apache/tomcat/tomcat-7/v7.0.64/bin/apache-tomcat-7.0.64.tar.gz
# wget http://mirror.bit.edu.cn/apache/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.41-src.tar.gz
2、安装Tomcat
# tar -zxvf apache-tomcat-7.0.64.tar.gz
# ln -s tomcat apache-tomcat-7.0.64

3、安装tomcat-connectors模块
# tar -zxvf tomcat-connectors-1.2.41-src.tar.gz
# cd tomcat-connectors-1.2.41-src
# ./ buildconf.sh
# ./configure --with-apxs=/usr/local/apache-2.4/bin/apxs --with-tomcat=/usr/local/tomcat --with-java-home=/usr/local/jdk --with-jni
#make
#make install

七、开启mod_jk模块

修改vi httpd.conf最后添加如下 开启 mod_jk module 支持

# Load mod_jk module
LoadModule jk_module modules/mod_jk.so
# Where to find workers.properties
JkWorkersFile /usr/local/apache/conf/workers.proferties
# Where to put jk logs
JkLogFile /usr/local/apache/logs/mod_jk.log

# Set the jk log level [debug/error/info]
JkLogLevel info

# Select the timestamp log format
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "

# JkRequestLogFormat set the request format
JkRequestLogFormat "%w %V %T"

# JkOptions indicate to send SSL KEY SIZE,
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories

# Send servlet for context /examples to worker named worker1
#JkMount /examples/*.jsp worker1
JkMount /servlet/* worker1

# Send JSPs for context /examples to worker named worker1
JkMount /*.jsp worker1

八、新建 workers.proferties 文件

[root@localhost conf]# more workers.proferties
workers.tomcat_home=/usr/local/tomcat
workers.java_home=/usr/local/jdk
ps=/
worker.list=worker1
worker.worker1.port=8009
worker.worker1.host=localhost
worker.worker1.type=ajp13
worker.worker1.connection_pool_timeout=600
worker.worker1.socket_keepalive=1
worker.worker1.lbfactor=1
worker.inprocess.stdout=$(workers.tomcat_home)$(ps)logs$(ps)inprocess.stdout
worker.inprocess.stderr=$(workers.tomcat_home)$(ps)logs$(ps)inprocess.stderr
[root@localhost conf]#

九、Apache+Tomcat+SSL+虚拟主机:

1、修改: httpd-ssl.conf 添加如下虚拟主机




# General setup for the virtual host
DocumentRoot "/www/clients/aaa.com/htdocs"
ServerName www.aaa.com:443
ServerAdmin you@example.com
ErrorLog "/www/clients/aaa.com/logs/error_log"
TransferLog "/www/clients/aaa.com/logs/access_log"



Options -Indexes +FollowSymlinks
AllowOverride All
Require all granted
DirectoryIndex login.jsp index.jsp



#JkMount /examples/*.jsp worker1
JkMount /servlet/* worker1


# Send JSPs for context /examples to worker named worker1
JkMount /*.jsp worker1




# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.


SSLEngine on


SSLCertificateFile "/usr/local/apache-2.4/conf/server.crt"
SSLCertificateKeyFile "/usr/local/apache-2.4/conf/server.key"



SSLOptions +StdEnvVars


SSLOptions +StdEnvVars



BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0


CustomLog "/usr/local/apache-2.4/logs/ssl_request_log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"










# General setup for the virtual host
DocumentRoot "/www/clients/bbb.com/htdocs"
ServerName www.bbb.com:443
ServerAdmin you@example.com
ErrorLog "/www/clients/bbb.com/logs/error_log"
TransferLog "/www/clients/bbb.com/logs/access_log"



Options -Indexes +FollowSymlinks
AllowOverride All
Require all granted
DirectoryIndex login.jsp index.jsp



#JkMount /examples/*.jsp worker1
JkMount /servlet/* worker1


# Send JSPs for context /examples to worker named worker1
JkMount /*.jsp worker1




# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.


SSLEngine on


SSLCertificateFile "/usr/local/apache-2.4/conf/server.crt"
SSLCertificateKeyFile "/usr/local/apache-2.4/conf/server.key"



SSLOptions +StdEnvVars


SSLOptions +StdEnvVars



BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0


CustomLog "/usr/local/apache-2.4/logs/ssl_requbbest_log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"





十、添加Tomcat虚拟主机:


1、修改:Tomcat的配置文件 server.xml 添加如下:





www.aaa.com



prefix="aaa.com_access_log." suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />

debug="0" reloadable="true"/>








www.bbb.com



prefix="bbb.com_access_log." suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />


debug="0" reloadable="true"/>





十一、编写测试页面:

[root@localhost htdocs]# pwd
/www/clients/aaa.com/htdocs
[root@localhost htdocs]# more index.jsp


JSP测试页面


Hello wwww.aaa.com World! ");%>


[root@localhost htdocs]#


[root@localhost htdocs]# pwd
/www/clients/bbb.com/htdocs
[root@localhost htdocs]# more index.jsp


JSP测试页面


Hello wwww.bbb.com World! ");%>


[root@localhost htdocs]#


十二、启动: apache、tomcat进行测试
# /usr/local/apache/bin/apachectl start
# /usr/local/tomcat/bin/startup.sh

2、修改本机主机hosts 测试
https://www.aaa.com
https://www.bbb.com

附:优化Tomcat参数:修改:catalina.sh文件 增加如下红色字
# Set juli LogManager config file if it is present and an override has not been issued
if [ -z "$LOGGING_CONFIG" ]; then
if [ -r "$CATALINA_BASE"/conf/logging.properties ]; then
LOGGING_CONFIG="-Djava.util.logging.config.file=$CATALINA_BASE/conf/logging.properties"
else
# Bugzilla 45585
LOGGING_CONFIG="-Dnop"
fi
fi
JAVA_OPTS="-server -Xms256m -Xmx2048m -XX:PermSize=64M -XX:MaxNewSize=256m -XX:MaxPermSize=512m "

Stellungnahme:
Der Inhalt dieses Artikels wird freiwillig von Internetnutzern beigesteuert und das Urheberrecht liegt beim ursprünglichen Autor. Diese Website übernimmt keine entsprechende rechtliche Verantwortung. Wenn Sie Inhalte finden, bei denen der Verdacht eines Plagiats oder einer Rechtsverletzung besteht, wenden Sie sich bitte an admin@php.cn